Aegis - A complete authorization solution for Rails

Aegis is an authorization solution for Ruby on Rails that supports roles
and a RESTish, resource-style declaration of permission rules. Getting
started with Aegis is easy and requires very little integration. As your
authorization requirements become more complex, Aegis will grow with you.

End of life notice!

The authors of this gem have moved on to create Consul, our next-gen
authorization solution. While Aegis remains a stable solution for Rails 2,
this gem is not being developed further.

If you are looking for Rails 3+ support you might want to browse through forks of Aegis.

If you are interested in taking over future maintenance of Aegis, write to
henning.koch@makandra.de regarding transfer of gem ownership. Please attach
links to work you did on Aegis in a fork, so we can know you are serious
about this.

Getting started

All your permissions live in a single class Permissions.
Permissions are described using resources, similar to your
routes. Your permission resources can match those in your routes, but
don't have to.

Access to resources or individual actions can be granted or denied to
specific roles.

  class Permissions < Aegis::Permissions

    role :user
    role :admin

    resources :projects do
      allow :everyone
    end

    resources :users do
      allow :admin
    end

  end

To give your user model a role, it needs to have an attribute
role_name. The has_role macro wires everything together:

  class User < ActiveRecord::Base
    has_role
  end

You can now check if a user has permission to access a given action in your
controllers and views: